[Buildroot] [PATCH 1/1] package/modsecurity2: new package
Tom Marcuzzi
tom.marcuzzi at orolia.com
Fri Nov 22 10:57:50 UTC 2019
Matthew,
Le 21/11/2019 à 21:14, Matthew Weber a écrit :
> Tom,
>
> On Thu, Nov 21, 2019 at 2:05 PM Tom Marcuzzi <tom.marcuzzi at orolia.com> wrote:
>>
>> From: Tom Marcuzzi <tom.marcuzzi at orolia.com>
>>
>> Signed-off-by: Tom Marcuzzi <tom.marcuzzi at orolia.com>
>> ---
>> package/Config.in | 5 +++++
>> package/modsecurity2/Config.in | 12 ++++++++++++
>> package/modsecurity2/modsecurity2.hash | 4 ++++
>> package/modsecurity2/modsecurity2.mk | 22 ++++++++++++++++++++++
>> 4 files changed, 43 insertions(+)
>> create mode 100644 package/modsecurity2/Config.in
>> create mode 100644 package/modsecurity2/modsecurity2.hash
>> create mode 100644 package/modsecurity2/modsecurity2.mk
>>
>> diff --git a/package/Config.in b/package/Config.in
>> index f72c77b416..c056c210fb 100644
>> --- a/package/Config.in
>> +++ b/package/Config.in
>> @@ -1888,6 +1888,11 @@ menu "Networking applications"
>> source "package/aircrack-ng/Config.in"
>> source "package/aoetools/Config.in"
>> source "package/apache/Config.in"
>> +if BR2_PACKAGE_APACHE
>> +menu "External Apache modules"
>> + source "package/modsecurity2/Config.in"
>> +endmenu
>> +endif
>> source "package/argus/Config.in"
>> source "package/arp-scan/Config.in"
>> source "package/arptables/Config.in"
>> diff --git a/package/modsecurity2/Config.in b/package/modsecurity2/Config.in
>> new file mode 100644
>> index 0000000000..7d99a42552
>> --- /dev/null
>> +++ b/package/modsecurity2/Config.in
>> @@ -0,0 +1,12 @@
>> +config BR2_PACKAGE_MODSECURITY2
>> + bool "modsecurity2"
>> + depends on BR2_PACKAGE_APACHE
>> + select BR2_PACKAGE_LIBXML2
>> + help
>> + ModSecurity is an open source, cross-platform web application
>> + firewall (WAF) module. Known as the "Swiss Army Knife" of
>> + WAFs, it enables web application defenders to gain visibility
>> + into HTTP(S) traffic and provides a power rules language and
>> + API to implement advanced protections.
>> +
>> + http://modsecurity.org
>> diff --git a/package/modsecurity2/modsecurity2.hash b/package/modsecurity2/modsecurity2.hash
>> new file mode 100644
>> index 0000000000..c7f80c8957
>> --- /dev/null
>> +++ b/package/modsecurity2/modsecurity2.hash
>> @@ -0,0 +1,4 @@
>> +# From https://www.modsecurity.org/tarball/2.9.3/modsecurity-2.9.3.tar.gz.sha256
>> +sha256 4192019d169d3f1dd82cc4714db6986df54c6ceb4ee1c8f253de78d1a6b62118 modsecurity-2.9.3.tar.gz
>> +# Locally computed
>> +sha256 2c564f5a67e49e74c80e5a7dcacd1904e7408f1fd6a95218b38c04f012d94cb9 LICENSE
>> diff --git a/package/modsecurity2/modsecurity2.mk b/package/modsecurity2/modsecurity2.mk
>> new file mode 100644
>> index 0000000000..05fe12fd0e
>> --- /dev/null
>> +++ b/package/modsecurity2/modsecurity2.mk
>> @@ -0,0 +1,22 @@
>> +################################################################################
>> +#
>> +# modsecurity2
>> +#
>> +################################################################################
>> +
>> +MODSECURITY2_VERSION = 2.9.3
>> +MODSECURITY2_SOURCE = modsecurity-$(MODSECURITY2_VERSION).tar.gz
>> +MODSECURITY2_SITE = https://www.modsecurity.org/tarball/$(MODSECURITY2_VERSION)
>> +MODSECURITY2_LICENSE = Apache-2.0
>> +MODSECURITY2_LICENSE_FILES = LICENSE
>> +MODSECURITY2_INSTALL_STAGING = YES
>> +
>> +MODSECURITY2_DEPENDENCIES += apache libxml2
>
> Does this pkg provide a libmodsecurity library that can be used for
> apache or nginx? My understanding was nginx required an additional
> connector plugin but it used this same package.
>
This package is the version 2 of ModSecurity, which is an apache module
that can be built as a standalone module for nginx (not the case here).
This requires nginx to be compiled with this specific module.
The version 3 of ModSecurity provides indeed a libmodsecurity library
than can be used through connectors with apache and nginx.
>> +
>> +MODSECURITY2_CONF_OPTS += --with-pcre=$(STAGING_DIR)/usr/bin/pcre-config \
>> + --with-libxml=$(STAGING_DIR)/usr \
>> + --with-apr=$(STAGING_DIR)/usr/bin/apr-1-config \
>> + --with-apu=$(STAGING_DIR)/usr/bin/apu-1-config \
>> + --with-apxs=$(STAGING_DIR)/usr/bin/apxs
>> +
>> +$(eval $(autotools-package))
>> --
>> 2.17.1
>>
>> _______________________________________________
>> buildroot mailing list
>> buildroot at busybox.net
>> http://lists.busybox.net/mailman/listinfo/buildroot
>
>
>
> --
>
> Matthew Weber | Associate Director Software Engineer | Commercial Avionics
>
> COLLINS AEROSPACE
>
> 400 Collins Road NE, Cedar Rapids, Iowa 52498, USA
>
> Tel: +1 319 295 7349 | FAX: +1 319 263 6099
>
> matthew.weber at collins.com | collinsaerospace.com
>
>
>
> CONFIDENTIALITY WARNING: This message may contain proprietary and/or
> privileged information of Collins Aerospace and its affiliated
> companies. If you are not the intended recipient, please 1) Do not
> disclose, copy, distribute or use this message or its contents. 2)
> Advise the sender by return email. 3) Delete all copies (including all
> attachments) from your computer. Your cooperation is greatly
> appreciated.
>
>
> Any export restricted material should be shared using my
> matthew.weber at corp.rockwellcollins.com address.
> ATTENTION: This email came from an external source.
> Do not open attachments or click on links from unknown senders or unexpected emails.
>
--
Tom Marcuzzi
More information about the buildroot
mailing list